IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for GRC Objects when an authenticated user sends a specially crafted payload to the server allowing for data to be saved without storing the required fields.
History

Tue, 08 Jul 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 08 Jul 2025 19:00:00 +0000

Type Values Removed Values Added
Description IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for GRC Objects when an authenticated user sends a specially crafted payload to the server allowing for data to be saved without storing the required fields.
Title IBM OpenPages with Watson improper input validation
First Time appeared Ibm
Ibm openpages With Watson
Weaknesses CWE-602
CPEs cpe:2.3:a:ibm:openpages_with_watson:8.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm openpages With Watson
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2025-07-08T18:42:25.925Z

Updated: 2025-07-08T19:06:17.456Z

Reserved: 2025-02-22T15:25:27.069Z

Link: CVE-2025-27367

cve-icon Vulnrichment

Updated: 2025-07-08T19:06:07.343Z

cve-icon NVD

Status : Received

Published: 2025-07-08T19:15:40.150

Modified: 2025-07-08T19:15:40.150

Link: CVE-2025-27367

cve-icon Redhat

No data.